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ABSTRACT 


This  thesis  develops  a  simple  method  for  evaluating  adversarial  risk  within  the  transporta¬ 
tion  portion  of  the  nuclear  fuel  cycle  for  commercial  electric  power  generation,  and  de¬ 
velops  models  that  can  guide  the  reduction  of  that  risk  by  such  means  as  rerouting  and 
decoy  shipments.  A  conceivable,  worst-case  attack  by  an  intelligent  adversary  will  cause 
a  localized  release  of  radioactive  material.  A  damage  function  is  defined  using  the  popu¬ 
lation  in  the  vicinity  of  the  attack.  Using  hypothetical,  but  realistic,  transit  routes  between 
fuel  fabricators  and  power  plants,  we  identify  the  worst-case  locations  for  attack.  Then  we 
formulate  and  solve  mixed-integer  programs  to  either  (a)  redesign  the  network  by  chang¬ 
ing  supply  contracts,  or  (b)  optimally  allocate  a  resource-constrained  assignment  of  de¬ 
coy  shipments.  We  also  demonstrate  a  greedy  procedure  for  simple  rerouting  of  individual 
shipments.  Computational  methods  exploit  standard  geographical  databases,  and  optimiza¬ 
tion  software  solves  the  models  in  seconds  on  a  personal  computer.  Separate  but  similar 
analyses  would  apply  to  shipments  of  uranium  hexafluoride,  spent  fuel  being  shipped  for 
reprocessing,  spent  fuel  being  shipped  to  a  repository,  and  other  materials. 
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Executive  Summary 


This  thesis  develops  a  simple  method  for  evaluating  adversarial  risk  within  the  transporta¬ 
tion  portion  of  the  nuclear  fuel  cycle  for  commercial  electric  power  generation,  and  devel¬ 
ops  models  that  can  guide  the  reduction  of  that  risk  by  such  means  as  rerouting  and  decoy 
shipments.  The  research  focuses  on  the  U.S.  fuel  cycle,  but  the  methods  developed  are 
flexible  enough  to  handle  current  and  future  fuel  cycles  around  the  world.  “Adversarial 
risk”  measures  the  potential  danger  posed  by  an  intelligent  adversary  who  might  (a)  attack 
a  shipment  and  steal  material  to  to  be  used  in  an  improvised  nuclear  device,  or  (b)  attack  a 
shipment  with  one  or  more  explosive  devices  and  cause  a  direct  release  of  dangerous  ma¬ 
terials  into  the  environment,  or  (c)  hijack  a  shipment,  move  it  to  a  new  location,  and  then 
release  some  of  the  contents  into  the  environment. 

“Adversarial”  covers  conceivable,  worst-case  attacks  by  an  intelligent  adversary.  Stealing 
dangerous  material  from  a  shipment  is  almost  inconceivable  given  the  safeguards  in  ship¬ 
ping  and  the  great  bulk  of  the  containers  used  for  shipping  uranium  hexafluoride,  fresh 
nuclear  fuel,  and  spent  nuclear  fuel.  Therefore,  we  do  not  consider  case  (a).  Further¬ 
more,  we  do  not  view  the  theft  of  yellowcake  as  a  serious  threat  since  it  must  undergo  a 
complicated  enrichment  process  before  becoming  dangerous.  On  the  other  hand,  a  litera¬ 
ture  review  indicates  that  a  terrorist  organization,  using  weapons  and  methods  that  may  lie 
within  that  organization’s  reach,  could  strike  a  shipment  of  nuclear  material  successfully; 
enough  material  could  be  released  to  inflict  substantial  physical  and  economic  damage.  A 
hijacking  attack  appears  much  less  likely  to  succeed,  but  our  methods  extend  to  analyze 
such  scenarios. 

Both  rail  and  truck  shipments  are  subject  to  adversarial  risks.  We  limit  most  discussion  and 
development  to  truck  shipments,  however,  because  the  thesis’s  methods  carry  over  from 
truck  to  rail  shipments  in  a  straightforward  fashion. 

Focusing  on  directs  attacks  (b),  we  note  that  any  existing  “damage  function”  for  a  worst- 
case  attack  will  yield  monotonically  increasing  values  as  a  function  of  the  total  population 
affected,  namely,  the  population  in  a  model-defined  area  surrounding  a  shipping  route. 
This  monotonicity  allows  us  to  use  population  in  an  area  around  a  point  on  a  transportation 


xv 


route  as  a  surrogate  for  the  “true  damage”  that  would  accrue  from  an  attack  at  that  point. 
The  surrogate  then  generates  the  objective  function  for  several  game-theoretic  models  for 
minimizing  adversarial  risk  or  expected  adversarial  risk. 

To  illustrate,  we  use  hypothetical  but  realistic  data  to  evaluate  adversarial  risk  for  fresh-fuel 
shipments  in  the  United  States,  and  show  how  to  (a)  minimize  adversarial  risk  by  redesign¬ 
ing  the  network  so  that  shipments  travel  through  areas  that  would  be  “less  risky,”  or  (b) 
minimize  expected  adversarial  risk  by  a  resource-constrained  assignment  of  decoy  ship¬ 
ments.  “Redesign”  in  (a)  could  mean  renegotiating  supply  contracts  or  simply  rerouting 
individual  shipments.  Depending  on  problem  specifics,  optimization  of  these  “defender- 
attacker  models”  is  achieved  by  solving  an  integer  program  or  by  applying  a  simple  greedy 
procedure.  Separate  but  similar  analyses  would  apply  to  shipments  of  uranium  hexafluo¬ 
ride,  spent  fuel  being  shipped  for  reprocessing,  spent  fuel  being  shipped  to  a  repository, 
and  other  materials. 

Because  a  simple  surrogate  risk  measure  applies  for  adversarial  risk  analysis,  data  require¬ 
ments  are  modest.  Furthermore,  computational  methods  exploit  standard  geographical 
databases  and  optimization  software.  Again  focusing  on  fresh-fuel  transportation,  com¬ 
putations  provide  results  of  the  following  form: 

1.  Under  reasonable  constraints,  renegotiation  of  fuel  supplies  (i.e.,  supplier-to-power- 
plant  assignments)  could  reduce  the  risk  surrogate  by  g%.  Furthermore,  a  linear 
relationship  between  the  surrogate  and  actual  damage  might  be  reasonably  assumed, 
so  actual  risk  might  be  reduced  by  g%,  also. 

2.  Without  rerouting,  expected  risk  for  fresh-fuel  shipments  can  be  reduced  by  h% 
through  the  use  of  decoy  shipments  with  a  total  mileage  limit  of  m  miles  per  year. 
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CHAPTER  1: 
INTRODUCTION 


The  U.S.  Department  of  Energy  (DoE)  and  others  are  concerned  with  the  risk  of  “damage” 
from  an  attack  on  the  transportation  portion  of  a  commercial  nuclear  fuel  cycle,  domestic 
or  foreign  [1],  This  thesis  develops  and  demonstrates  a  general  model  for  (a)  evaluating 
this  “adversarial  risk”  and  (b)  minimizing  this  risk  subject  to  resource  constraints. 

An  attack  could  involve  the  destruction  of  a  shipment  of  feedstock  and  the  exposure  of 
a  local  population  to  a  toxic  and/or  radioactive  substance,  or  it  could  involve  the  theft 
of  material  that  would  be  converted  into  a  fission  or  nuclear-dispersion  weapon,  and  then 
unleashed  upon  a  population.  Damage  might  involve  only  bad  publicity,  although  this  could 
have  a  substantial  economic  effect  on  the  industry.  But,  the  possibility  exists  that  damage 
would  mean  the  loss  of  thousands  of  lives  from  the  explosion  of,  say,  a  nuclear-dispersion 
device. 

This  thesis  creates  a  surrogate  model  for  evaluating  adversarial  risk  and  applies  that  to 
create  the  objective  function  for  several  new  game-theoretic  risk-reduction  models.  Using 
realistic  but  notional  data,  we  demonstrate  with  several  examples.  For  example,  given 
that  “risk  of  damage”  from  an  attack  on  a  given  shipment  increases  monotonically  with 
the  population  that  might  be  affected,  we  show  how  a  cardinality-restricted  set  of  origin- 
destination  pairs  might  be  modified  to  minimize  risk. 

The  rest  of  this  thesis  proceeds  as  follows.  Chapter  2  reviews  the  nuclear  fuel  cycle,  with 
a  focus  on  the  transportation  of  nuclear  material  between  facilities.  Chapter  3  develops  a 
general  model  for  evaluating  adversarial  risk  in  this  context.  Chapter  4  describes  the  trans¬ 
portation  “subnetworks”  that  may  be  analyzed  individually  for  adversarial  risk,  for  exam¬ 
ple,  the  subnetwork  that  ships  fresh-fuel  assemblies.  Then,  using  realistic  but  notional  data, 
Chapter  5  demonstrates  use  of  the  adversarial-risk  model  by  analyzing  the  “fresh-fuel  sub¬ 
network.”  Chapter  6  describes  a  generic,  game-theoretic,  defender- attacker  model,  which 
seeks  to  design  a  minimum-risk  subnetwork  subject  to  resource  constraints.  This  extends 
to  modifying  existing  networks  to  minimize  risk,  which  is  demonstrated  for  the  fresh-fuel 


1 


network.  Chapter  7  describes  a  general  optimization  model  for  assigning  decoy  shipments 
to  reduce  expected  adversarial  risk;  again  the  fresh-fuel  subnetwork  is  used  to  demonstrate. 
Finally,  an  appendix  describes  how  we  collect  and  manipulate  real  and  notional  data  for 
model-demonstration  purposes. 
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CHAPTER  2: 

BACKGROUND:  TRANSPORTATION  IN  THE 
NUCLEAR  FUEL  CYCLE 


This  chapter  explains  the  transportation  portion  of  a  commercial  nuclear  fuel  cycle,  with  a 
focus  on  the  U.S.  This  provides  important  background  for  developing  and  demonstrating  a 
useful  model  of  adversarial  risk. 

In  its  simplest  form,  the  nuclear  fuel  cycle  in  the  U.S.  consists  of  several  stages  for  prepar¬ 
ing,  consuming,  and  disposing  of  nuclear  material.  Figure  2.1  depicts  the  basic  processing 
steps  in  current  and  future  fuel  cycles,  and  the  flow  of  material  between  these  steps.  Each 
of  the  steps  requires  specialized  equipment,  often  located  in  standalone  facilities.  Thus, 
nuclear  materials  must  be  transported  between  facilities  to  proceed  through  some  process¬ 
ing  steps.  Focusing  on  transportation,  we  can  understand  the  overall  nuclear  fuel  cycle  as  a 
supply  chain  that  transports  material  from  its  “raw”  form  to  “finished  product”  to  “waste.” 

1.  Mining  and  Milling.  Uranium  ore  is  mined  or  removed  from  the  earth  in  a  leaching 
process. 

2.  Conversion  (1).  Triuranium  octoxide  (U3O8,  “yellowcake”)  is  converted  into  ura¬ 
nium  hexafluoride  (UF^)  for  subsequent  enrichment. 

3.  Enrichment.  UF6  is  processed,  removing  238U  to  to  increase  the  percentage  of  fissile 
235U.  This  process  typically  involves  a  gaseous  centrifuge,  but  a  number  of  tech¬ 
niques  are  known,  such  as  the  “separation  of  isotopes  by  laser  excitation”  (SILEX) 
process,  which  has  been  licensed  recently  [2]. 

Note:  Public  information  on  the  SILEX  process  indicates  that  it  uses  UFg  as  a  feed¬ 
stock.  Thus,  the  overall  physical  structure  of  the  supply  chain  may  not  change  under 
SILEX  enrichment.  This  may  not  be  true  with  the  earlier  “atomic  vapor  laser  isotope 
separation”  (AVLIS)  process,  which  may  still  be  viable,  at  least  outside  the  U.S.  This 
process  uses  vaporized  uranium  as  feedstock  [3]. 

4.  Conversion  (2).  Enriched  UFg  is  converted  into  (enriched)  uranium  dioxide  (UO2), 
which  is  then  fired  into  ceramic  pellets  for  placement  in  fuel  rods. 
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Figure  2.1:  Transportation  in  the  nuclear  fuel  cycle.  Solid  dark  arrows  represent  movement 
of  nuclear  material  between  facilities  in  the  current  U.S.  fuel  cycle;  the  light-shaded  solid  arrow 
shows  a  movement  that  could  involve  transportation  in  a  non-U. S.  cycle.  Dashed  arrows  represent 
potential  transportation  of  nuclear  material  in  future  fuel  cycles.  Many  shipments  of  spent  fuel 
have  occurred  in  the  U.S.,  but  these  have  been  on  an  ad  hoc  basis  (e.g.,  to  consolidate  storage 
for  a  single  power  producer).  These  shipments  have  not  been  part  of  an  operating  fuel  cycle  [4], 
as  they  have  been  in  other  countries. 


5.  Fabrication.  Fuel  rods  are  constructed  from  enriched  uranium  pellets,  and  gathered 
into  the  bundles  that  make  up  a  fuel  assembly,  as  used  in  power-plant  reactors. 

6.  Irradiation.  Complete  fuel  assemblies  are  installed  in  a  power  reactor,  and  controlled 
nuclear  fission  is  initiated  for  the  purpose  of  generating  electric  power. 

7.  On-site  storage.  Once  a  fuel  assembly  has  reached  the  end  of  its  useful  life,  it  is 
removed  and  placed  into  on-site  wet-waste  storage.  Here,  it  cools  over  many  months 
until  it  can  be  dried  and  placed  into  semi-permanent  dry-waste  storage.  Eventually, 
dry-waste  must  be  sent  to  a  permanent  repository  or  recycled,  but  on-site  dry  storage 
is  the  current  end  of  the  U.S.  nuclear  fuel  cycle. 

8.  Reprocessing.  Spent  fuel  can  be  reprocessed  to  concentrate  certain  radioisotopes. 
This  concentrated  material  would  then  be  sent  to  conversion  and  fabrication  facilities 
where  it  would  become  part  of  new  fuel  assemblies.  Material  from  nuclear  weapons 
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can  be  “reprocessed”  in  a  similar  fashion  to  provide  reactor  fuel. 

9.  Interim  storage.  It  is  possible  that  a  non-permanent  storage  facility  would  be  created 
to  store  dry  waste  from  one  or  more  nuclear  power  plants.  This  would  allow  power 
plants  whose  on-site  storage  has  reached  capacity  to  continue  operating,  even  though 
no  permanent  repository  had  been  built. 

10.  Repository.  Waste  material  from  an  interim  storage  site  or  from  a  power  plant’s  dry- 
waste  storage  would  be  transported  to  a  permanent  storage  site  (i.e.,  a  repository). 
Yucca  Mountain  was  intended  to  be  such  a  repository  [5]. 

Only  a  few  facilities  in  the  United  States  perform  the  processing  steps  described  above. 
Figure  2.2  displays  the  locations  of  the  processing  facilities  currently  in  the  U.S.  The 
ultimate  consumers  of  nuclear  fuel  are  reactor  facilities  that  generate  electricity.  Figure 
2.3  displays  the  locations  and  ages  of  the  nuclear  reactors  currently  operating  in  the  U.S. 
Together,  these  figures  should  give  the  reader  an  idea  of  the  geographical  scope  of  the 
models  we  are  pursuing. 


Figure  2.2:  U.S.  facilities  that  process  nuclear  materials  at  various  stages  of  the  nuclear  fuel 
cycle. 
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A  3 

Figure  2.3:  Commercial  nuclear  power  reactors  operating  in  the  U.S.  as  of  July  2013. 

For  simplicity,  the  rest  of  the  thesis  focuses  on  shipments  of  nuclear  material  through  a 
truck  shipping  network.  All  of  our  methods  apply  also  to  rail  networks  and  combined 
truck-rail  networks,  however.  No  theoretical  generality  is  lost. 
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CHAPTER  3: 

DEFINING  ADVERSARIAL  RISK 


This  chapter  outlines  our  method  for  evaluating  “adversarial  risk.”  Adversarial  risk  mea¬ 
sures  the  potential  danger  posed  by  an  intelligent  adversary  that  executes  a  conceivable, 
worst-case  attack  on  a  target  of  interest. 


3.1  A  Basic  Model  of  Risk 

To  build  an  adversarial  model  for  the  transportation  of  nuclear  materials,  consider  a  subset 
of  the  overall  transportation  network:  shipping  of  fresh  fuel  (by  truck)  from  assembly 
plants  to  nuclear  reactors.  In  this  subnetwork ,  the  material  being  shipped  is  reasonably 
homogeneous  as  are  the  transportation  containers,  which  are  fresh-fuel  casks  in  this  case. 
Fresh-fuel  assemblies  may  not  be  the  most  dangerous  material  that  is  shipped  within  the 
nuclear  fuel  cycle,  but  the  fresh-fuel  subnetwork  is  large  and  diverse,  and  it  is  easy  to 
manipulate  for  purposes  of  demonstration.  The  methods  also  apply  to  other  transportation 
subnetworks,  such  as  shipping  enriched  uranium,  mixed-oxide  (MOX)  fuel,  and  spent  fuel. 

In  an  adversarial  model,  we  use  “risk”  to  measure  the  worst  conceivable  outcome  [6].  A 
survey  of  the  literature  provides  two  key  observations: 

Observation  1:  Any  shipment  of  nuclear  materials  could  be  attacked  “successfully,”  that 
is,  to  yield  a  direct  release  of  a  substantial  quantity  of  nuclear  material  into  the  environment 
[7-9], 


Observation  2:  Damage  (bad  publicity,  deaths  and  injuries  from  chemical  and  radiation 
exposure)  would  be  positively  correlated  with  total  population  in  the  area  in  which  the 
material  is  released  [10-12].  It  is  also  clear  that  cleanup  costs  would  depend  strongly  on 
population  numbers  [13]. 

Note  1:  Lamb  and  Resnikoff  [13]  examine  a  worst-case  accident  for  spent  fuel — this  worst- 
case  accident  is  no  worse  than  a  worst-case  attack — and  estimates  a  cleanup  cost  in  an  urban 
setting  at  over  $13  billion.  Fresh  fuel  would  not  require  such  extensive  cleanup  because 
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of  lower  levels  of  radioactivity,  but  we  have  not  discovered  any  research  that  provides  cost 
estimates. 

Numerous  authors  propose  the  identification  of  minimum-risk  hazardous  material 
(HAZMAT)  routes  using  minimum-cost  routing  techniques  with  cost  defined  as  a  function 
of  the  number  of  people  that  might  be  affected  by  an  accident  along  a  route  (e.g.,  [14-16]). 
For  example,  one  cost  function,  applied  to  the  whole  route,  evaluates  expected  conse¬ 
quence ,  which  is  defined  as  the  “population  at  risk”  along  the  route  multiplied  by  the 
probability  that  an  accident  occurs  along  that  route.  Population  at  risk  may  be  defined 
as  the  total  population  within  a  certain  distance  of  the  route,  perhaps  inversely  weighted 
by  actual  distance  from  the  route.  ReVelle  [16]  refers  to  this  general  idea  as  “tons-past- 
people.”  Because  our  focus  is  a  worst-case  attack  by  an  intelligent  adversary,  we  use  nei¬ 
ther  probabilities  nor  total  population  at  risk  in  creating  a  “cost  function,”  but  rather,  use 
the  maximum  population  that  might  be  affected  along  a  route. 

For  any  point  location  t  e  L  in  the  relevant  subnetwork  s,  we  apply  Observations  1  and  2 
to  define  adversarial  risk  in  an  abstract  fashion: 

riskst  «  fs(pope),  (3.1) 

where  pop#  is  the  the  total  population  in  some  to-be-defined  region  around  location  t,  and 
where  /,(•)  is  a  monotonically  increasing  function  of  population.  For  an  exact  measure 
of  risk  (e.g.,  number  of  deaths,  years  of  cleanup,  dollars  required  for  cleanup)  the  ana¬ 
lyst  would  consult  with  the  references  cited  above,  other  existing  literature,  or  develop  a 
problem- specific  definition. 

Because  adversarial  risk  measures  a  worst-case  outcome,  the  total  risk  associated  with 
subnetwork  s  is  simply 


tot_risks 


max  riskq  =  ma  xfs(pope). 

£eL  £eL 


(3.2) 


Thus,  in  a  static  situation,  for  a  given  subnetwork,  we  need  only  focus  on  the  peak  pop¬ 
ulation  through  which  shipments  move.  How  that  population  is  measured  will  depend  on 
the  type  of  material,  but  the  measurement  method  should  be  standard  for  subnetwork  s 
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(through  which  homogeneous  materials  are  shipped  in  homogeneous  containers). 

Note  2:  Population  is  key  here  because  that  is  what  we  may  have  effective  control  over.  For 
example,  by  rerouting  fuel  shipments,  the  population  that  might  be  affected  by  an  attack 
can  change.  But  then,  how  can  we  reduce  risk  by,  say,  reducing  the  quantity  of  material  in 
a  shipment?  Without  rerouting,  population  stays  the  same,  the  worst-case  accident  would 
occur  in  the  same  location,  and  we  simply  need  to  apply  a  different  damage  function  to 
evaluate  risk  numerically. 

The  index  of  the  “worst”  subnetwork  is  simply 

,v max  =  argmax  tot_risks.  (3.3) 

ses 


After  evaluating  risk  in  a  subnetwork,  we  look  for  ways  to  reduce  that  risk.  Risk  mitiga¬ 
tion  for  transportation  should  begin  with  vmax-  Suppose  that  we  determine  that  currently,  in 
the  U.S.,  ,smax  corresponds  to  fresh-fuel  shipments.  We  assume  that  these  shipments  can¬ 
not  be  made  invulnerable  to  attack,  and  that  reducing  their  size  is  impracticable.  Splitting 
single  shipments  into  many  smaller  shipments  would  reduce  adversarial  risk,  but  might  in¬ 
crease  accident  risk  and  would  require  major  physical  changes  in  reactors  and  the  refueling 
process.  Consequently,  the  obvious  leverage  we  have  is  to  reroute  shipments  through  ar¬ 
eas  with  smaller  populations.  This  proposition,  which  follows  from  monotonicity  of 
makes  solving  risk-mitigation  problems  simple: 

Proposition  1:  When  minimizing  adversarial  risk  within  a  single  subnetwork,  maximum 
population  along  a  link  k  in  that  subnetwork  may  be  used  as  a  surrogate  for  risk  on  that 
link. 

Let  G =  (N .A)  denote  a  generic  network  consisting  of  nodes  N  and  directed  or  undi¬ 
rected  links  A.  To  illustrate  a  basic  risk-mitigation  model,  suppose  that  for  subnetwork 
5,  Ghs  —  (. NS,A $),  h—  1 defines  H  designs  that  are  under  consideration  as  replace¬ 
ments  for  the  current  subnetwork  G{)s  —  ( NS,A ®).  The  best  design,  with  respect  to  adversar- 
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ial  transportation  risk,  has 


hmin  =  argmin  max  pop  k,  (3.4) 

h=i,...,H  keA1’ 

where  popk  is  the  maximum  population  observed  along  a  defined  region  around  link  k 
(for  example,  a  circle  centered  at  a  point  on  the  route  and  encompassing  20  km2).  In 
the  following  chapters,  this  basic  concept  lets  us  develop  several  methods  for  minimizing 
adversarial  risk  by  using  decoys  or  changing  a  network’s  design. 


3.2  Other  Models  of  Adversarial  Risk 

Other  models  of  risk  have  been  proposed  for  use  in  the  context  of  terrorist  attacks.  We 
describe  two  here  and  point  out  some  of  their  pitfalls,  both  in  general  and  in  the  setting  of 
this  thesis. 

3.2.1  Probabilistic  Risk  Analysis 

A  complex  model  for  evaluating  adversarial  risk  might  consider,  for  instance,  the  sequence 
of  actions  that  make  up  an  attack — steal  a  missile  of  type  A  in  a  foreign  country,  smuggle 
a  missile  of  type  A  into  the  United  States,  launch  the  missile  at  the  target,  etc. — each  with 
some  probability  of  success  and  leading  to  an  overall  probability  of  success.  One  can 
also  assign  probability  distributions  on  the  amount  of  material  that  would  be  released  for 
each  possible  weapon  type  and  the  direction  and  strength  of  the  wind  at  the  time  of  the 
attack.  Such  analysis  is  classified  as  probabilistic  risk  assessment  (PRA),  and  PRA  has 
been  suggested  for  “terrorism  risk  analysis”  [17, 18]. 

The  difficulties  with  such  models  are  well  known,  for  example  (a)  they  place  static  prob¬ 
ability  distributions  on  dynamic  human  decision  making  and  thereby  violate  the  tenets  of 
game  theory,  (b)  they  typically  rely  on  a  great  deal  of  “data”  derived  from  subjective  esti¬ 
mates  from  subject  matter  experts  (SMEs),  and  (c)  these  data  may  require  enormous  effort 
to  obtain  and  maintain  and  have  uncertain  quality  [19, 20].  By  contrast,  our  models  derive 
from  simple  physical  models  and  make  minimal  assumptions.  In  our  opinion,  a  complete 
worst-case  analysis  should  be  carried  out  and  be  found  wanting  before  attempting  to  im¬ 
prove  that  analysis  through  probabilistic  methods. 
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3.2.2  Attack  Difficulty 

In  a  study  led  by  the  Sandia  National  Laboratories,  Cipiti  et  al.  apply  the  Risk-Informed 
Management  of  Enterprise  Security  (RIMES)  technique  to  analyze  possible  attack  scenar¬ 
ios  on  a  small  modular  reactor  [21].  This  technique  seeks  to  categorize  attacks  in  terms 
of  their  difficulty  to  execute,  and  then  to  assess  risk  by  comparing  “attack  difficulty”  with 
“potential  attacker  capability.” 

Cipiti  et  al.  consider  13  dimensions  of  attack  difficulty  on  a  small  modular  reactor  (grouped 
into  two  categories:  attack  preparation  and  attack  execution),  and  for  each  of  these  13 
dimensions  they  divide  difficulty  into  five  levels,  with  level  1  being  the  easiest  and  level  5 
the  most  difficult.  For  each  potential  attack,  they  use  the  opinions  of  one  or  more  SMEs  to 
specify  the  level  of  difficulty  in  each  of  the  13  dimensions.  The  overall  risk  then  depends  on 
additional  SME  assessments  as  to  whether  any  of  a  set  of  potential  attackers  could  succeed 
in  overcoming  the  difficulty  level  identified  in  each  dimension. 

This  technique  may  not  require  the  explicit  use  of  subjective  probabilities,  and  may  there¬ 
fore  appear  to  sidestep  some  of  the  criticism  of  PRA.  Nonetheless,  it  requires  at  least 
one  SME  to  assess  linearly  scaled  “difficulty  numbers"  that  (a)  are  clearly  subjective,  (b) 
may  be  impossible  to  validate,  and  that  (c)  impose  a  substantial  data-collection  and  data- 
maintenance  burden  on  the  model’s  user.  By  contrast,  our  models  are  designed  to  require 
little  or  no  subjective  input  data  from  SMEs  and,  although  our  models  can  require  large 
amounts  of  input  data  (routing  and  population  data),  no  intrinsic  difficulties  arise  in  col¬ 
lecting  and  maintaining  these  data. 
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CHAPTER  4: 

SUBNETWORKS  IN  THE  DOMESTIC  NUCLEAR 

FUEL  CYCLE 


This  thesis  demonstrates  adversarial-risk  evaluation  and  adversarial-risk  reduction  only  for 
the  fabricator-to-power-plant  subnetwork,  or  “fresh-fuel  subnetwork,”  within  the  domestic 
nuclear  fuel  cycle.  The  models  apply,  however,  to  any  subnetwork  that  ships  a  single  com¬ 
modity  (e.g.,  unenriched  UF6).  Several  “single-commodity  subnetworks”  can  be  combined 
for  analysis  into  a  single  “multicommodity  subnetwork,”  but  this  may  only  make  sense  if 
the  commodities  involved  have  similar  levels  of  danger  associated  with  them.  For  example, 
supposing  that  unenriched  and  enriched  UF6  have  similar  levels  of  toxicity,  then,  reducing 
adversarial  risk  for  the  “enriched  UFg  subnetwork”  might  have  little  effect  if  the  risk  asso¬ 
ciated  with  the  “unenriched  UF6  subnetwork”  were  left  unchanged.  In  this  case,  the  two 
subnetworks  should  be  combined  for  analysis. 

For  completeness,  we  list  the  single-commodity  subnetworks  in  the  U.S.  that  are  relevant 
now,  or  may  become  relevant  in  the  future: 

1.  Yellowcake:  This  subnetwork  includes  as  its  origin  nodes  various  ports  of  entry 
and  production  plants  in  Wyoming,  Nebraska,  Utah,  Colorado,  and  Texas.  Only 
Honeywell’s  Metropolis  Works  (MTW)  facility  in  Metropolis,  Illinois,  performs  the 
initial  conversion  of  yellowcake  to  UFg,  so  Metropolis  defines  the  single  terminal 
node  in  this  subnetwork. 

2.  Unenriched  UF^:  This  simple  subnetwork  runs  from  MTW  in  Metropolis,  Illinois, 
to  United  States  Enrichment  Corporation’s  (USEC)  gaseous  diffusion  plant  in  Padu¬ 
cah,  Kentucky,  and  URENCO  USA’s  gas  centrifuge  enrichment  plant  in  Eunice,  New 
Mexico. 

3.  Enriched  UF6:  This  subnetwork  extends  from  USEC  in  Paducah,  Kentucky,  and 
URENCO  in  Eunice,  New  Mexico,  to  three  nuclear  fuel  fabrication  facilities:  Areva, 
Inc.,  in  Richland,  Washington  (Areva);  Global  Nuclear  Fuels  -  Americas,  LLC,  in 
Wilmington,  North  Carolina  (GNF);  and  Westinghouse  Electric  Company,  LLC,  in 
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Columbia,  South  Carolina  (Westinghouse). 

4.  Fresh  fuel:  This  subnetwork  extends  from  the  three  fuel  fabricators  to  the  nuclear 
power  plants  that  burn  the  fuel,  and  is  described  in  detail  elsewhere  in  this  thesis. 
Actually,  fresh-fuel  shipments  in  the  U.S.  also  include  fuel  assemblies  that  are  fab¬ 
ricated  in  the  U.S.  and  shipped  to  overseas  customers  [22].  This  thesis  does  not 
consider  such  shipments,  but  a  complete  adversarial  risk  analysis  for  fresh-fuel  ship¬ 
ments  in  the  U.S.  certainly  should. 

5.  Spent  fuel:  For  the  most  part,  spent-fuel  shipments  in  the  U.S.  domestic  fuel  cycle 
have  been  limited  to  moving  spent  fuel  for  the  purpose  of  consolidating  a  company’s 
intermediate  storage  [23].  In  the  future,  any  of  the  following  single-commodity  sub¬ 
networks  or  combinations  thereof  could  be  relevant: 

(a)  Dry  casks  of  spent  fuel  shipped  from  power  plants  to  intermediate  storage. 

(b)  Dry  casks  shipped  from  power  plants  and/or  intermediate  storage  to  one  or  more 
final  repositories. 

(c)  Dry  casks  shipped  from  power  plants  to  one  or  more  reprocessing  facilities. 

6.  Other  materials  being  reprocessed:  This  could  include  military  warheads,  domes¬ 
tic  or  foreign,  being  processed  into  fuel  (e.g.,  the  “Megatons  to  Megawatts”  pro¬ 
gram  [24]),  and  spent  fuel  brought  into  the  United  States  from  foreign  countries  for 
reprocessing. 

7.  Waste  from  reprocessing:  If  reprocessing  becomes  relevant,  it  will  generate  dry- 
cask  shipments  to  intermediate  storage  and/or  final  repository  [25]. 

The  appendix  provides  more  detail  on  existing  subnetworks,  but  the  remainder  of  the  body 
of  the  thesis  focuses  on  the  fresh-fuel  subnetwork. 
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CHAPTER  5: 

EVALUATING  ADVERSARIAL  RISK  OR  ITS 
SURROGATE  FOR  A  SUBNETWORK 


Because  the  materials  of  interest  in  this  thesis  are  hazardous,  these  materials  typically  travel 
along  pre-approved,  static  routes.  It  therefore  makes  sense  to  evaluate  the  adversarial  risk 
associated  with  a  static  transportation  link  k  of  a  particular  subnetwork  s.  Following  the 
discussion  in  the  previous  chapter,  we  use  this  surrogate: 

dk  =  the  maximum  population  that  might  be  affected  by  an  attack  on  link  k  (5.1) 
in  subnetwork  s, 

where  s  is  omitted  as  a  subscript  because  the  subnetwork  is  fixed.  This  admittedly  vague 
definition  will  be  made  more  precise,  later.  To  avoid  confusion,  we  call  dk  the  “damage 
surrogate”  or  “damage  value.” 

Note  3:  The  terms  “route”  and  “link”  will  be  used  interchangeably  but,  strictly  speaking,  a 
link  between  two  nodes  is  the  abstraction  of  the  complicated  route  that  moves  between  two 
fuel-cycle  facilities  along  roads  and  past,  potentially,  many  areas  of  population. 

5.1  Damage  Values  for  a  “Direct  Attack” 

Suppose  that  we  determine  that  a  simple,  “direct  attack”  is  the  key  threat:  a  shipment  is 
attacked  with  an  explosive  device  of  some  type,  and  some  of  its  contents  are  released  into 
the  environment. 

The  area  affected  by  a  direct  attack  would  depend  on  the  material,  the  amount  released, 
meteorological  conditions,  etc.,  but  we  must  focus  on  a  worst  case:  the  discussion  and 
references  in  Chapter  3  indicate  that,  in  the  worst  case,  most  of  a  shipment’s  material  could 
be  vaporized  and  released  into  the  environment.  Depending  on  dispersion-plume  models 
(e.g..  Harper  et  al.  [26],  Reshetin  [27]),  we  may  assume  that  material  will  affect  all  people 
within  a  certain  radius  of  a  release  site.  (A  more  detailed  model  might  look  for  the  largest 
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population  affected  if  the  plume  expands  centrally,  or  moves  in  any  particular  compass 
direction.)  Then,  to  compute  dk,  we  only  need  to  extrapolate  census  data  to  points  along 
the  corresponding  route,  and  then  choose  the  largest  population  identified.  Using  a  grid  of 
population  cells,  our  numerical  examples  use  a  cruder  method  to  estimate  these  numbers, 
but  the  reader  will  see  that  the  estimates  produced  give  intuitively  sensible  results  in  all 
tested  models. 

We  begin  with  a  grid  of  population  values  divided  into  latitude-longitude  quadrilaterals  that 
are  2.5  arc-minutes  on  a  side  [28].  Each  quadrilateral  (grid  cell)  has  an  area  of  21.4  km2 
at  the  equator,  which  reduces  to  about  14  km2  in  the  southern  U.S.  and  to  about  1 1  km2  in 
the  northern  U.S.  This  is  true  since  the  width  of  a  cell  reduces  by  a  factor  of  (90  —  lat) /90 
where  “lat”  is  latitude  north  in  decimal  degrees.  For  simplicity,  we  assume  that  an  attack 
would  affect  the  population  in  a  single  grid  cell  of  the  size  seen  at  the  equator.  For  cells  at 
other  latitudes  then,  we  multiply  cell  population  by  a  correction  factor  of  90/ (90  —  lat)  to 
enable  an  equal-basis  comparison.  Finally,  to  determine  the  damage  value  dk  for  a  given 
link  k  ,  we  simply  identify  the  cell  with  the  largest  (adjusted)  population  that  intersects  the 
corresponding  route.  Table  5.1  shows  the  10  links  with  the  largest  damage  values  for  the 
hypothetical  U.S.  fresh-fuel  network. 

A  single  grid-square  area  (1 1  to  14  km2)  might  be  too  conservative  for  some  nuclear  mate¬ 
rials.  Suppose  an  appropriate  area  is  roughly  nine  times  the  single-cell  area.  Then,  we  only 
need  to  expand  the  area  of  interest  to  the  nine  cells  that  make  up  the  3x3  block  of  cells 
about  each  relevant  point.  Table  5.2  shows  these  values.  The  top  10  damage  values  and 
locations  do  not  change  much  from  Table  5.1,  indicating  that  that  the  damage  surrogate 
is  not  particularly  sensitive  to  the  data.  The  biggest  difference  is  that  Bronx  is  now  the 
worst  case,  corresponding  to  a  shipment  that  passes  through  Newark,  crosses  the  George 
Washington  Bridge,  and  continues  into  Connecticut,  using  Interstate  Highway  95  (1-95)  the 
whole  time.  (Of  course,  we  do  not  know  if  this  route  is  actually  used.)  The  smaller  Newark 
damage  value  represents  a  shipment  that  crosses  the  same  bridge  and  then  turns  north,  up 
1-87,  rather  than  continuing  on  through  the  eastern  Bronx  on  1-95. 
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Table  5.1:  The  10  largest  damage  values  and  their  locations  given  (a)  a  direct  attack,  and  (b) 
the  affected  population  resides  in  only  a  single  population  cell.  The  related  number  of  affected 
routes  and  reactors  is  also  given.  For  example,  nine  routes  traverse  a  single  location  near  Chicago, 
Illinois,  where  the  population  data  imply  a  damage  value  of  261787;  those  nine  routes  feed  15 
reactors.  _ 


Location 

Damage 
value  dk 

Routes 

Reactors 

(nearest  city) 

(persons) 

(number) 

(number) 

Chicago,  IL 

261787 

9 

15 

Newark,  NJ 

225895 

4 

5 

Philadelphia,  PA 

218745 

1 

1 

Washington,  DC 

184547 

4 

7 

Milwaukee,  WI 

115225 

1 

2 

Buffalo,  NY 

103012 

1 

1 

Phoenix,  AZ 

92792 

1 

3 

Cleveland,  OH 

78211 

1 

1 

Lincoln,  NE 

78121 

8 

15 

Chicago,  IL  (suburbs) 

72781 

1 

2 

Table  5.2:  The  10  largest  damage  values  for  an  attack  that  occurs  in  a  given  cell  and  affects  that 
cell  along  with  the  eight  adjacent  cells.  See  the  caption  for  Table  5.1  for  additional  information. 


Location 

Damage 
value  dk 

Routes 

Reactors 

(nearest  city) 

(persons) 

(number) 

(number) 

Bronx,  NY 

2388125 

4 

5 

Chicago,  IL 

1881620 

8 

13 

Newark,  NJ 

1219373 

1 

2 

Philadelphia,  PA 

1172064 

1 

1 

Washington,  DC 

971233 

4 

7 

Milwaukee,  WI 

804469 

1 

2 

Phoenix,  AZ 

666934 

1 

3 

Buffalo,  NY 

661251 

1 

1 

Cleveland,  OH 

631157 

1 

1 

Chicago,  IL  (suburbs) 

563459 

1 

2 
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5.2  Damage  Values  for  a  “Hijacking  Attack” 

We  believe  that  hijacking  a  nuclear  shipment  in  the  U.S.  and  moving  it  any  substantial 
distance  would  be  extremely  difficult,  given  that  each  shipment  is  guarded,  heavy  contain¬ 
ers  are  difficult  to  move,  radio  contact  or  the  lack  thereof  with  a  hijacked  truck  should 
quickly  alert  authorities  of  an  incident,  and  that  truck  or  trailer  should  be  easily  located  and 
immobilized.  Nonetheless,  our  methods  enable  consideration  of  a  hijacking  scenario. 

We  assume  that  it  is  impossible  for  a  hijacking  to  go  unnoticed,  so  it  is  also  reasonable 
to  assume  that  a  hijacked  truck  would  be  stopped  within  some  short  time  period,  say  30 
minutes,  after  an  attack  is  begun.  We  assume  that  a  worst-case  release  of  the  shipment’s 
contents  would  then  take  place.  Thus,  to  evaluate  the  damage  value  for  a  subnetwork  link  k, 
we  only  need  to  expand  the  search  for  a  “worst-case  population  cell”  (or  “group  of  cells”) 
along  the  route  to  include  the  distance  that  a  truck  could  cover  in  30  minutes  from  any  point 
on  link  k.  This  could  be  estimated  accurately  using  road-network  and  population  data,  but 
for  demonstration  purposes  we  use  a  simpler  method:  assuming  again  that  a  release  of 
material  would  affect  only  the  population  in  a  single  cell,  we  identify  the  largest  population 
cell  within  48.3  km  (30  miles)  of  the  route  using  a  straight-line  distance  calculation.  This 
method  yields  the  damage  values  displayed  in  Table  5.3  for  the  hypothetical  fresh-fuel 
subnetwork  described  above. 
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Table  5.3:  For  a  hijacking  attack,  the  10  largest  damage  values  and  their  locations.  A  shipment 
hijacked  on  the  hypothetical  route  from  Westinghouse  to  Braidwood  is  farther  than  30  miles  from 
the  peak  population  area  of  Chicago,  Illinois,  and  a  hijacked  truck  could  only  reach  the  suburbs 
to  the  south  of  the  Chicago  under  assumed  conditions. 


Location 

Damage 
value  dk 

Routes 

Reactors 

(nearest  city) 

(persons) 

(number) 

(number) 

Bronx,  NY 

689338 

5 

7 

Chicago,  IL 

261787 

11 

19 

Philadelphia,  PA 

218745 

4 

6 

Washington,  DC 

184547 

3 

5 

Miami,  FL 

148941 

1 

2 

New  Orleans,  LA 

120858 

3 

4 

Cleveland,  OH 

112760 

1 

1 

Detroit,  MI 

111900 

1 

1 

Chicago,  IL  (suburbs) 

110753 

1 

2 

Pittsburgh,  PA 

109837 

2 

3 

5.3  Reducing  Adversarial  Risk 

The  damage- surrogate  models  above  provide  objective  means  of  comparing  the  adversarial 
risk  associated  with  different  routes  or  scenarios.  The  next  two  chapters  show  how  to  apply 
limited  resources  to  reduce  risk  optimally  assuming  monotonicity  of  “true  damage”  as  as 
function  of  damage  value  (as  described  in  Chapter  3).  Any  of  the  optimization  models 
could  be  applied  to  any  subnetwork  once  an  appropriate  damage- surrogate  is  defined.  We 
demonstrate  the  models  on  the  fresh-fuel  subnetwork  using  the  damage  surrogate  reflected 
in  Table  5.1.  An  attack  at  a  particular  point  would  affect  the  population  in  its  respective 
grid  square. 
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CHAPTER  6: 

DAI:  A  GENERAL  DEFENDER-ATTACKER 
MODEL  FOR  REDUCING  ADVERSARIAL  RISK  IN 
A  TRANSPORTATION  SUBNETWORK 


This  chapter  presents  a  generic  mathematical-programming  model  that  uses  the  damage 
surrogate  to  minimize  adversarial  risk  in  a  transportation  subnetwork.  The  model  applies 
to  network  design,  redesign,  modification,  and  rerouting  of  certain  shipments,  all  subject 
to  generic  resource  constraints.  We  describe  the  general  model  in  terms  of  building  a  sub¬ 
network  from  scratch,  but  explain  how  it  applies  in  the  other  situations,  which  are  probably 
more  likely  to  arise  in  practice  (e.g.,  redesign  or  simple  modifications). 

6.1  A  General  Model:  DAI 

We  assume  that  a  defender  (fuel-cycle  “operators,”  transporters,  regulators,  etc.)  faces  a 
single  adversary  or  attacker,  who  plans  on  carrying  out  a  single  attack  in  the  transportation 
system.  The  defender  will  build  the  network,  the  attacker  will  observe  what  has  been 
built  and  then  attack  in  the  most  destructive  way  possible  when  seen  from  the  viewpoint 
of  the  defender.  This  is  a  two-stage  Stackelberg  game,  called  a  “defender-attacker”  (DA) 
model,  as  described  in  Brown  et  al.  [6].  The  worst-case  analysis  is  pessimistic  for  the 
defender — will  an  attacker  really  be  able  to  carry  out  a  worst-case  attack? — but  it  is  prudent. 
We  refer  the  reader  to  Brown  et  al.  [6],  Scaparra  and  Church  [29],  Brown  et  al.  [30], 
Alderson  et  al.  [31],  and  the  references  therein  for  other  applications  of  DA  models  or 
the  related  defender-attacker-defender  (DAD)  models  to  problems  of  infrastructure  design 
and/or  defense. 

A  solution  to  the  following  model  will  identify  a  minimum-risk  subnetwork  in  which  each 
origin  node  is  connected  uniquely  to  a  source  and  subject  to  capacity  constraints  at  each 
origin  node  and  each  destination  node.  Consequently,  the  subnetwork  is  bipartite.  Such  a 
model  could  be  used,  for  example,  to  design  a  fabricator-to-power-plant  subnetwork  from 
scratch.  But,  it  could  also  be  used  to  make  a  limited  number  of  changes  to  an  existing  sub- 
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network  to  reduce  risk,  or  to  guide  rerouting  decisions.  Note  that  the  capacity  constraints 
may  simplify  greatly  in  most  applications.  For  instance,  in  the  fresh-fuel  subnetwork,  the 
capacity  constraints  at  a  destination  node  (i.e.,  at  a  power  plant)  may  simplify  to  “Attach 
exactly  one  source  (i.e.,  fuel  fabricator)  to  this  power  plant.” 

The  network  models  here  differ  from  those  described  in  traditional  capacitated  network 
design;  for  example,  see  Magnanti  and  Wong  [32]  and  the  references  therein.  Such  designs 
typically  use  binary  variables  to  represent  construction  of  a  network  and  continuous  vari¬ 
ables  to  represent  activities  that  may  use  the  constructed  network’s  capacity.  For  example, 

Y rhk}’hk  <  rkxk;  xk  G  (0, 1} ;  yhk  >  0  V  h  where  rhk  >  0  V  h 
h 

might  imply  that  if  link  k  is  constructed  (xk  =1),  then  the  sum  of  all  activities  h,  converted  to 
a  common  unit  of  measurement  (£/,  rkkykk)  must  not  exceed  the  constructed  capacity  of  the 
link  which  is  rk.  But  if  the  link  is  not  constructed  (xk  =  0),  then  no  activities  may  take  place 
on  that  link  at  all  because  £/,  rkkykk  <  0.  By  contrast,  one  of  our  model’s  “constructed  links” 
k  is  not  a  physical  link,  but  essentially  a  contract  for  a  fixed  level  of  activity,  for  example, 
the  shipping  of  u  fuel  assemblies  each  year  between  a  fabricator  and  a  nuclear  power  plant. 
The  creation  of  this  link  tells  us  exactly  the  amount  of  resource  that  will  be  consumed  at 
the  fabricator  for  instance  (i.e.,  u).  Thus,  the  model  presented  below  incorporates  binary 
“link-construction  variables”  xk  without  any  continuous  “link  activity  variables.” 


Indices  and  Index  Sets 

i  G  Ns 
jeNT 
ijeN 
keA 


i(k),  j(k) 


origin  nodes  in  a  bipartite  subnetwork 
destination  nodes  in  a  bipartite  subnetwork;  Ns  (T  NT  —  0 
all  nodes  in  a  bipartite  subnetwork;  N  =  Ns  U  NT 
links  a  subnetwork;  k  =  (i.j)  where  i  G  Ns,  j  G  Nr 
respectively,  the  origin  and  destination  nodes  for  link  k  G  A 


G  =  (. N,A )  the  bipartite  subnetwork,  also  written  as  G  —  (Ns, NT ,A) 
k  G  A5(i)  links  directed  out  of  node  i  G  Ns 

k  G  A'  ij)  links  directed  into  node  j  G  NT 
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r  G  R  resource  types 

Data 


dk 


4’  4 


s 

kr 


U 


T 

kr 


damage  surrogate  for  link  k  G  A 

respectively,  the  minimum  and  maximum  allowable  capacity  utilization  for 
resource  r  at  i  G  Ns 

respectively,  the  minimum  and  maximum  allowable  capacity  utilization  for 
resource  r  at  j  G  NT 

capacity  utilization  of  resource  r  at  i  given  that  k  G  As(i)  is  selected 
capacity  utilization  of  resource  r  at  j  given  that  k  e  AT  (j)  is  selected 


Variables 

x k  1  if  the  new  network  design  includes  link  k,  and  0  otherwise 

z  maximum  of  damage  surrogates  across  all  links 

Formulation 


DAI :  min  z 

(6.1) 

s.t.  z  —  dkXk 

> 

0  Vke  A 

(6.2) 

4  <  £  ukrXk 

keAs(i) 

< 

4  V  i  G  NS,  r  eR 

(6.3) 

U]r<  £  Ulxk 

keAT{j) 

< 

u]r  V  j£NT,reR 

(6.4) 

xk 

G 

{0,1}  VkeA 

(6.5) 

The  objective  function  (6.1),  in  conjunction  with  constraints  (6.2),  minimizes  the  maximum 
surrogate  damage  across  all  links  in  the  selected  subnetwork  design.  Constraints  (6.3) 
place  lower  and  upper  limits  on  the  capacity  utilization  that  the  network  design  places  on 
origin  nodes;  constraints  (6.4)  are  analogous  for  destination  nodes.  The  user  is  free  to 
add  constraints  to  represent  more  complicated  logical  relations  among  the  links,  but  the 
application  to  fresh-fuel  shipments  in  the  following  section  actually  simplifies  the  model. 
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6.2  An  Application  of  DAI:  Recontracting 

This  section  describes  applications  of  DAI  to  reduce  adversarial  risk,  using  the  fresh-fuel 
subnetwork  as  an  example.  The  network  is  modified  by  changing  fabricator-to-power-plant 
assignments  (fuel-supply  contracts).  The  construction  of  the  realistic  routes  used  for  testing 
here  has  already  been  described  in  Section  5.1.  The  appendix  describes  the  collection  and 
construction  of  other  data  needed  in  these  models. 

Adversarial  risk  in  a  subnetwork  can  be  reduced  by  restructuring  a  network  so  that  max¬ 
imum  population  across  all  routes  is  reduced.  For  illustrative  purposes,  we  imagine  here 
that  a  central  authority  arranges  all  fuel-supply  contracts,  and  any  or  all  contracts  could 
be  renegotiated  so  that,  in  effect,  certain  high-risk  routes  are  replaced  by  lower-risk  ones. 
We  require  only  that  the  total  capacity  utilization  of  a  fabricator  stay  within  ±10%  of  its 
current  capacity  as  estimated  in  the  appendix,  and  that  each  power  plant  be  assigned  to  one 
fabricator.  DAI  simplifies  then  as  follows. 

Modified  data 

A  links  k  e  A  that  correspond  to  new  contracts 

h  maximum  number  of  new  contracts 

nr  hi  respectively,  the  minimum  and  maximum  number  of  fuel  assemblies  that  fabri¬ 
cation  facility  at  i  e  Ns  may  produce  in  a  year 

ri  j(k\  number  of  reactors  at  power  facility  located  at  j(k)  e  NT 

Formulation 


Fuel :  min  z 

(6.6) 

X,z 

s.t.  z  —  dkxk 

> 

0  Vke  A 

(6.7) 

4r  <  £  nj(k)xk 

< 

nsir  V  ieNs 

(6.8) 

keAs(i) 

£  xk 

= 

1  V  j  e  Nt 

(6.9) 

keAr(j) 

£** 

< 

h 

(6.10) 

keA 

xk 

G 

{0,1}  VkeA 

(6.11) 
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Using  the  existing  contract  structure  defined  in  Table  A.l,  and  using  the  single-cell  “direct 
attack”  as  defined  in  Section  5.1,  Table  6.1  displays  the  maximum  “affected  populations” 
observed  along  current  shipping  routes  or  “links.” 

Table  6.1:  Routes  with  the  largest  damage  values.  For  example,  nine  routes  traverse  the  same 
road  segment  near  Chicago,  Illinois,  which  imposes  the  largest  damage  value  of  any  location  on 
any  route _ 


Location 

Chicago,  IL 

Newark,  NJ 

Phil.,  PA 

Wash.,  DC 

Damage 

261787 

225895 

218745 

184547 

Number  of  routes 

9 

4 

1 

4 

Number  of  reactors 

15 

5 

1 

7 

Using  DAl-Fuel  and  allowing  any  and  all  business  contracts  to  be  renegotiated  to  minimize 
adversarial  risk  produces  the  damage-surrogate  results  shown  in  Table  6.2. 


Table  6.2:  Largest  damage  values  after  recontracting. 


Location 

Newark,  NJ 

Phil.,  PA 

Wash.,  DC 

San  Jose,  CA 

Damage 

225895 

218745 

184547 

142297 

Number  of  routes 

5 

1 

4 

1 

Number  of  reactors 

7 

1 

7 

2 

The  solution  displayed  in  in  Table  6.2  actually  involves  recontracting  a  majority  of  the  con¬ 
tracts,  yet  the  overall  risk  for  the  new  network  only  drops  from  261787  to  225895.  The 
difficulty  is  this:  although  allowing  changes  in  any  supplier  contract  substantially  reduces 
the  threat  to  Chicago,  a  large  reduction  is  risk  is  impossible  because  of  the  need  to  transport 
fuel  up  the  east  coast,  through  New  Jersey.  We  add  the  requirement  that,  in  order  to  change 
a  business  contract,  there  must  be  a  decrease  in  the  overall  risk  to  the  for  the  new  network. 
Thus,  what  may  be  viewed  as  the  best  solution  here  (see  details  in  Table  6.3)  only  changes 
13  routes.  Specifically,  it  eliminates  the  nine  shipments  passing  through  Chicago  and  mod¬ 
ifies  four  others  to  reduce  the  maximum  damage  value  from  261787  to  225895,  the  same 
as  the  more  resource-intensive  solution  reflected  in  Table  6.2.  The  results  here  show  that 
DAl-Fuel  will  allocate  resources  to  lower  damage  values  for  the  second- worst  route,  the 
third-worst  route,  etc.,  but  this  extra  resource  does  not  reduce  overall  risk  for  this  scenario 
because  the  maximum  damage  value  cannot  drop  below  225895. 
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Table  6.3:  Recontracting.  Thirteen  nuclear  fuel  supply  contracts  change.  Additional  changes  to 
business  contracts  do  not  lower  the  overall  risk  for  the  network.  While  avoiding  Chicago,  the 
worst-case  damage  of  225895  occurs  for  shipments  traveling  on  1-95  past  Newark,  New  Jersey. 


Existing 

Optimal 

Reactor  site 

Fabricator 

Damage  value 

Fabricator 

Damage  value 

Byron 

Westinghouse 

72781 

Areva 

57167 

Calvert  Cliffs 

Areva 

261787 

Westinghouse 

52819 

Comanche  Peak 

Westinghouse 

70099 

Areva 

70297 

Davis-Besse 

Areva 

261787 

Westinghouse 

49714 

Millstone 

Areva 

261787 

Westinghouse 

225895 

North  Anna 

Areva 

261787 

Westinghouse 

52819 

Palisades 

Areva 

261787 

GNF 

65499 

Palo  Verde 

Westinghouse 

92792 

Areva 

87050 

Prairie  Island 

Westinghouse 

261787 

Areva 

83228 

Sequoyah 

Westinghouse 

70099 

Areva 

78121 

Surry 

Areva 

261787 

Westinghouse 

41611 

Susquehanna 

Areva 

261787 

Westinghouse 

41611 

Three  Mile  Island 

Areva 

261787 

Westinghouse 

64584 

6.3  Simple  Rerouting:  A  Greedy  Approach 

While  mathematical  programming  can  be  used  to  address  adversarial-risk  reduction  on  a 
large  scale,  simply  rerouting  the  fuel  shipments  around  the  points  with  the  largest  damage 
values  can  reduce  the  overall  risk.  A  systematic  “greedy  algorithm”  applies  here,  one  that 
is  clearly  optimal  under  certain  conditions: 

Step  1 :  Find  the  route  with  largest  damage  value. 

Step  2:  Since  that  implies  the  adversarial  risk  for  the  whole  subnetwork,  the  damage  value 
for  this  route  must  be  reduced  to  reduce  overall  risk. 

Step  3:  Assuming  you  have  additional  “rerouting  resource,”  reroute  the  link  with  the  largest 
damage  value,  and  return  to  Step  1. 

For  the  initial  matrix  of  fuel-fabricator-to-power-plant  routes,  Chicago,  Illinois,  defines 
overall  risk  through  nine  routes  serving  15  reactors  that  traverse  Interstate  Highway  1-94. 
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With  the  intent  to  eliminate  the  Chicago’s  damage  value  of  261787,  we  create  nine  alternate 
routes  that  instead  use  1-74  through  Champaign,  Illinois.  As  shown  in  Table  6.4,  worst-case 
damage  is  reduced  significantly  without  adding  much  travel  distance. 

Table  6.4:  These  routes  all  define  the  maximum  damage  value  of  261787  in  the  baseline  ("initial”) 
system.  To  reduce  overall  risk  by  rerouting,  all  nine  routes  through  Chicago  must  be  modified 
in  some  way.  We  restrict  rerouting  decisions  to  use  1-74  through  Champaign,  Illinois.  The 
Millstone-Areva  route  now  defines  risk  for  this  subnetwork  because  its  damage  value  of  220173 
is  greatest. 


Reactor  site 

Fabricator 

City 

Damage  value 

Extra  miles 

Calvert  Cliffs 

Areva 

Washington,  DC 

90983 

75 

Davis-Besse 

Areva 

Toledo,  OH 

59027 

170 

Millstone 

Areva 

Bronx,  NY 

220173 

127 

North  Anna 

Areva 

Indianapolis,  IN 

48920 

44 

Palisades 

Areva 

Peoria,  IL 

47218 

384 

Prairie  Island 

Westinghouse 

Rockford,  IL 

57167 

42 

Surry 

Areva 

Richmond,  VA 

52819 

28 

Susquehanna 

Areva 

Indianapolis,  IN 

48920 

151 

Three  Mile  Island 

Areva 

Columbus,  OH 

72548 

88 

The  same  process  repeats  to  eliminate  the  next  worst-case  point  of  attack,  which  are  routes 
that  transit  north  on  1-95  between  Newark,  New  Jersey,  and  New  York  City.  The  procedure 
could  continue  repeating  for  other  cities  until,  say,  a  predetermined  acceptable  damage 
level  for  the  subnetwork  is  reached. 
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CHAPTER  7: 

DA2:  REDUCING  EXPECTED  RISK  WITH  DECOY 

SHIPMENTS 


A  solution  to  DAI  structures  or  restructures  a  subnetwork  to  minimize  adversarial  risk, 
with  risk  viewed  as  a  deterministic  function.  If  we  allow  probability  to  come  into  play, 
decoy  shipments  can  be  used  to  reduce  expected  risk.  We  are  loathe  to  allow  subjective, 
uncontrollable  probabilities  into  a  model,  but  here  the  probabilities  are  straightforward  to 
compute  and  are  under  our  control. 

7.1  Allocating  Decoys  Optimally:  DA2 

This  section  uses  this  additional  or  modified  notation. 


x k  the  number  of  decoys  assigned  to  each  shipment  on  link  k,  0  otherwise 

Xk  a  maximum  value  for  vy  (set  by  planners) 

mj.  (length  of  link  k  in  miles)  x  (number  of  shipments  made  per  year  on  link  k) 

[miles/year] 

m  total  budget  for  decoys  [miles/year] 

nx  maximum  total  number  of  decoys 


Assumption  1:  Damage  on  each  link  k  e  A  is  computed  as  <4  =  fipopk)  —  c  ■  popk .  That 
is,  damage  is  a  linear  function  of  population. 

Focusing  on  a  single  link  k,  damage  is  computed  through  a  function  dk  —  f(popk).  Ex¬ 
pected  damage  equals  damage.  Suppose  that  for  every  shipment  along  k,  we  send  vy 
decoy  shipments.  The  attacker  has  one  chance  to  strike  on  this  link,  so  assuming  that  a 
decoy  shipment  is  indistinguishable  from  a  real  one,  the  probability  of  a  successful  attack 
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is  1/(1  +Xk).  (Note  that  Xk  is  being  used  for  a  different  purpose  here  than  in  previous  sec¬ 
tions.)  For  simplicity,  we  assume  that  a  single  truck  carries  each  shipment  and  that  any 
decoy  trucks  follow  the  same  route  as  a  real  shipment.  The  following  model  results. 

DA2  — DecoyO  z*  =  min  max *4/(1  +Xk),  (7.1) 

xG-Xi)ec0y  &gA 


where 


XDecoy  =  {-Ft  £  {0, . . .  ,-Xk}Wk  G  A  \Y,keAmkxk  <  m}  •  (7-2) 

Making  the  reasonable  assumption  that  dk  >  0  for  all  k  G  A,  the  nonlinear  model  DA2- 
DecoyO  has  the  same  solution  as  this  integer  linear  program: 


DA2  —  Decoy  1  (z*)  1  =  v*  =  min  v 

x,v 

(7.3) 

S.t.  V 

> 

dk  1  •  (1  +Xk)  Wk  G  A 

(7.4) 

Y,  mkxk 

< 

m 

(7.5) 

keA 

YXk 

< 

nx 

(7.6) 

keA 

•it 

VI 

o 

< 

Xk,  integer  V/c  G  A 

(7.7) 

If  the  decoys  are  controlled  or  owned  by  the  originating  nodes  i  G  Ns  (suppliers),  then 
constraint  (7.5)  would  simply  be  replaced  with  these  constraints: 

^  mkXk  <  fhi  V  i  G  Ns ,  (7.8) 

keAs(i) 

where  m,-  denotes  the  number  of  decoy  miles  available  at  node  i. 


7.2  A  Sample  Application  of  Decoys 

In  this  section,  we  apply  DA2  to  the  same  fuel-fabricator-to-power-plant  matrix  used  in 
previous  chapters.  Imagine  an  idealized  situation  in  which  (a)  a  central  authority  funds 
decoy  shipments  of  fresh  fuel  across  all  fabricators,  (b)  refueling  periods  are  the  same  for 
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every  reactor,  (c)  every  power-generating  stations  that  operate  multiple  reactors  receive  a 
shipment  for  each  reactor,  and  (d)  one  mile  of  a  decoy  shipment  on  any  route  costs  the  same. 
Because  of  the  common  refueling  period  and  single  cost,  we  can  discuss  the  allocation  of 
“decoy  miles”  rather  than  “decoy  miles  per  year”  or  “decoy  dollars  per  year.” 

The  no-decoy  case  produces  the  expected  damage  value  of  261787,  which  occurs  for  any  of 
the  15  shipments  that  pass  through  Chicago,  Illinois,  on  1-94.  (“Expected  damage  value” 
is  equivalent  to  “damage  value”  with  no  decoys.)  To  achieve  any  reduction  in  expected 
damage,  decoy-miles  must  be  assigned  to  cover  each  of  those  15  shipments.  By  allocating 
36489  decoy  miles  then,  the  expected  damage  associated  with  an  attack  in  Chicago  drops 
to  261787/2  =  130893.5,  and  thus  expected  damage  is  defined  by  the  remaining  maximum 
damage  value,  which  is  225895  at  Newark,  New  Jersey.  We  could  then  determine  the  total 
decoy  miles  required  to  cover  the  five  shipments  that  pass  through  Newark,  and  further 
reduce  the  damage  value  to  218745,  which  is  the  value  imposed  by  the  shipment  moving 
near  Philadelphia,  Pennsylvania. 

This  seemingly  manual  process  of  optimization  can  be  automated  by  running  the  model 
DA2  for  increasing  values  of  the  resource,  total  decoy-miles.  Table  7.1  shows  how  op¬ 
timally  allocated,  increasing  levels  of  decoy-miles  reduce  expected  damage.  Note  how 
Chicago  again  becomes  “the  long  pole  in  the  tent”  once  sufficient  decoy  miles  are  allo¬ 
cated  to  routes  passing  through  or  near  Washington,  D.C.  The  “Chicago  routes”  must  then 
receive  a  second  allocation  of  decoys  to  reduce  expected  damage  further. 


Table  7.1:  Optimal  reductions  in  expected  damage  as  total  decoy-miles  increase. 


Location 

Expected 

Decoy 

Max  decoys 

Decoy  miles 

damage 

shipments 

per  route 

min 

max 

Chicago,  IL 

261787 

0 

0 

0 

36488 

Newark,  NJ 

225895 

15 

1 

36489 

40567 

Philadelphia,  PA 

218745 

20 

1 

40568 

41116 

Washington,  DC 

184547 

21 

1 

41117 

44907 

Chicago,  IL 

130894 

28 

1 

44908 

81396 

Milwaukee,  WI 

115225 

43 

2 

81397 

84648 

31 


THIS  PAGE  INTENTIONALLY  LEFT  BLANK 


32 


CHAPTER  8: 
CONCLUSIONS 


Different  authorities  will  have  different  measures  of  “damage”  that  an  adversary  might 
cause  by  attacking  a  shipment  of  nuclear  material  within  a  U.S.  nuclear  fuel  cycle.  Theft 
seems  extremely  unlikely  given  the  great  bulk  of  the  containers  used  for  shipping  most 
nuclear  materials,  so  this  thesis  has  focused  on  a  “direct  attack”  that  that  causes  a  release  of 
vaporized  material  into  the  atmosphere,  probably  through  the  use  of  some  explosive  device 
applied  right  on  the  shipping  route.  We  argue  that  “population  affected”  by  an  attack  is  a 
good  surrogate  for  damage  because  (a)  most  any  standard  damage  measure,  say  “economic 
losses,”  is  likely  to  be  monotonically  increasing  in  population  affected  and  (b)  allocating 
resources  to  minimize  the  damage  surrogate  will  also  minimize  the  “real”  measure  of  worst- 
case  damage. 

“Population  affected”  will  certainly  depend  on  the  details  of  an  attack,  the  amount  of  mate¬ 
rial  released,  weather  conditions,  etc.  But,  we  propose  and  justify  a  worst-case  view  of  an 
attack  that  makes  calculations  possible:  any  shipment  can  be  successfully  attacked  and  the 
bulk  of  its  cargo  released  into  the  environment.  Although  difficult  to  obtain,  it  is  well  within 
the  realm  of  possibility  that  a  terrorist  organization  could  obtain  an  explosive  weapon  that 
would  cause  the  catastrophic  release  of  the  shipment’s  contents  into  the  atmosphere. 

Computing  population  affected  involves  applying  standard  plume  models  for  movement  of 
material  through  the  air  and  some  model  of  toxicity.  We  do  not  use  any  actual  plume  model, 
but  demonstrate  computational  techniques  by  identifying  the  largest  population  within  a 
region  of  pre-specified  size  anywhere  along  a  shipment  route.  We  also  demonstrate  how 
the  model  modifies  to  handle  a  hijacking  attack  in  which  a  cargo  is  hijacked,  moved  to  a 
new  location,  and  then  detonated. 

Given  a  surrogate  measure  of  damage  (i.e.,  an  adversarial-risk-assessment  method),  we 
then  develop  models  to  minimize  worst-case  damage  or  expected  worst-case  damage  us¬ 
ing  limited  resources.  In  effect,  this  is  optimized,  adversarial-risk  reduction;  we  optimize 
using  sequential-game  models,  called  “defender-attacker  models.”  For  example,  we  can 


33 


minimize  the  worst-case  damage  subject  to  the  rerouting  of  a  given  number  of  shipments, 
or  we  can  minimize  expected  worst-case  damage  by  applying  limited  decoy  shipments. 
Such  a  model  could  also  be  used  to  show  how,  for  instance,  increasing  the  number  of  sup¬ 
pliers  for  a  material  could  reduce  risk,  by  replacing  “dangerous  routes”  with  less-dangerous 
ones.  We  demonstrate  these  methods  on  a  realistic  model  of  the  subnetwork  that  transports 
fresh-fuel  assemblies  throughout  the  U.S.  Fresh-fuel  assemblies  are  not  the  most  dangerous 
material  that  are  shipped  in  a  nuclear  fuel  cycle,  but  the  subnetwork  is  large  and  it  yields 
interesting  case  studies. 

We  have  provided  a  framework  for  evaluating  any  part  (subnetwork)  of  the  transportation 
network  that  ships  nuclear  materials  for  a  U.S.  nuclear  fuel  cycle.  We  have  demonstrated  in¬ 
tuitively  appealing  results  on  realistic  but  largely  artificial  route  data  and  simplified  models 
of  the  population  that  would  be  affected  by  the  release  of  material.  We  hope  that  regulators, 
physicists,  geographers,  and  others  who  have  access  to  actual  data  and  expertise  in  the  key 
physical  models  will  be  able  to  obtain  new  insights  into  adversarial  risk,  and  be  able  to  help 
reduce  it  by  applying  our  methods. 
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Appendix:  Realistic  Test  Data 


This  appendix  describes  how  the  data  used  in  this  thesis  were  gathered  and/or  generated. 
We  describe  the  collected  and  generated  data  based  on  our  level  of  certainty  in  its  accu¬ 
racy,  from  “known”  to  “unknown,”  with  varying  degrees  of  uncertainty  in  between.  The 
“knowns”  are  easily  obtainable  from  a  simple  search  on  the  internet,  such  as  facility  names 
and  their  geographical  coordinates.  “Unknowns”  are  unavailable  to  the  general  public  due 
to  their  sensitive  nature,  such  as  the  specific  highway  routes  that  a  nuclear  fuel  convoy  takes 
between  a  fuel  fabricator  and  a  nuclear  power  station. 

The  data  we  gather  and  create  describe  the  fresh-fuel  shipping  network. 

Known:  Facility  locations 

The  facility  types  relevant  to  the  fresh-fuel  network  are  nuclear  reactor  fuel  fabricators  and 
nuclear  power  plants.  The  latitude  and  longitude  for  each  location  are  used  for  determining 
transportation  routes. 

Nuclear  reactor  fuel  fabricators 

Nuclear  reactor  fuel  is  fabricated  at  three  sites:  Areva  Inc.,  in  Richland,  Washington;  Global 
Nuclear  Fuel  -  Americas,  LLC,  a  joint  operation  of  General  Electric  Energy,  Toshiba,  and 
Hitachi,  in  Wilmington,  North  Carolina;  and  Westinghouse  Electric  Company,  LLC,  in 
Columbia,  South  Carolina. 

Nuclear  power  plants 

At  the  start  of  2013,  there  were  104  nuclear  reactors  licensed  for  power  generation,  op¬ 
erating  on  65  different  sites.  In  the  first  half  of  the  year,  four  reactors  at  three  different 
sites  were  retired:  Duke  Energy’s  Crystal  River  Nuclear  Plant,  shut  down  since  September 
26,  2009,  announced  closure  on  February  5,  2013;  Dominion  Resources’  Kewaunee  Power 
Station,  announced  closure  on  October  22,  2012,  and  shut  down  on  May  7,  2013;  and 
Southern  California  Edison’s  San  Onofre  Nuclear  Generating  Station  (two  reactors),  shut 
down  since  January  31,  2012,  announced  closure  on  June  7,  2013.  Constellation/Exelon’s 
Nine  Mile  Point  Nuclear  Station  (two  reactors)  and  Entergy’s  James  A.  FitzPatrick  Nu¬ 
clear  Power  Plant  share  the  same  site  in  Scriba,  New  York.  PSEG  Nuclear’s  Hope  Creek 
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Nuclear  Generating  Station  (two  reactors)  and  Salem  Nuclear  Generating  Station  share  the 
same  site  in  Hancock’s  Bridge,  New  Jersey. 


We  use  the  latitude  and  longitude  coordinates  for  each  power  plant  location,  as  well  as 
the  number  of  reactors  at  each  station.  A  total  of  100  nuclear  reactors  are  operating  at  62 
independently  licensed  sites. 


Partly  known:  Fabricator  capacities 

According  to  the  World  Nuclear  Association,  the  production  capacities  of  light  water  reac¬ 
tor  (LWR)  fuel,  in  metric  tons  per  year,  are:  Areva’s  Richland  facility,  1200;  Global  Nuclear 
Fuel’s  Wilmington  facility,  750;  and  Westinghouse’s  Columbia  facility,  1500  [33].  Assum¬ 
ing  no  import  or  export  of  nuclear  fuel  rods  or  assemblies,  we  convert  these  capacities  to  a 
percentage  of  total  fabrication  capacity:  Areva,  35%;  GNF,  22%;  and  Westinghouse,  43%. 
The  number  of  reactors  supplied  by  a  fuel  fabricator  is  divided  by  the  total  number  of  reac¬ 
tors  in  operation  to  determine  the  fuel  fabricator’s  capacity  percentage.  These  percentages 
are  used  as  “goals”  when  considering  how  many  reactors  each  fabricator  can  supply.  Dif¬ 
ferences  in  rated  reactor  thermal  output  (in  MWt)  or  actual  refueling  mass  (in  kg)  are  not 
considered  when  assigning  a  shipment  demand  to  a  fuel  fabricator. 


Partly  known:  Fuel  fabricator  to  power-plant  assignments 

News  releases  on  the  awarding  of  fuel-supply  contracts  establish  some  actual  fabricator- 
to-power-plant  assignments.  For  facilities  for  which  we  could  not  find  contracting  an¬ 
nouncements,  we  make  assumptions  based  on  the  type  of  reactor  and  the  owner/operator 
corporation,  ensuring  the  total  assignments  to  each  fabricator  are  close  to  that  fabricator’s 
percent  capacity.  It  is  important  to  note  that,  while  the  corporations  involved  in  the  nu¬ 
clear  fuel  supply  chain  may  choose  to  provide  news  releases  pertaining  to  their  business 
endeavors,  we  find  relatively  few  actual  notices  of  fabricator/power-plant  contracts,  so  the 
assignments  we  use  are  substantially  notional. 

Table  A.l  shows  the  notional  business  contract  structure  used  in  computational  tests. 
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Table  A.l:  Partly  hypothetical  fuel-fabricator-to-power-plant  assignments,  with  number  of  re¬ 
actors  at  each  power  plant.  These  assignments  define  the  baseline  fresh-fuel  subnetwork  in 
computational  tests. 


Fabricator 

Nuclear  station 

Reactors 

Fabricator 

Nuclear  station 

Reactors 

Areva 

Arkansas  Nuc.  One 

2 

GNF 

Oyster  Creek 

1 

Areva 

Browns  Ferry 

3 

GNF 

Peach  Bottom 

2 

Areva 

Brunswick 

2 

GNF 

Perry 

1 

Areva 

Calvert  Cliffs 

2 

GNF 

Pilgrim 

1 

Areva 

Catawba 

2 

GNF 

River  Bend 

1 

Areva 

Davis-Besse 

1 

GNF 

Vermont  Yankee 

1 

Areva 

Dresden 

2 

Westinghouse 

Beaver  Valley 

2 

Areva 

Fort  Calhoun 

1 

Westinghouse 

Braidwood 

2 

Areva 

McGuire 

2 

Westinghouse 

Byron 

2 

Areva 

Millstone 

2 

Westinghouse 

Callaway 

1 

Areva 

Monticello 

1 

Westinghouse 

Comanche  Peak 

2 

Areva 

North  Anna 

2 

Westinghouse 

D.C.  Cook 

2 

Areva 

Oconee 

3 

Westinghouse 

Diablo  Canyon 

2 

Areva 

Palisades 

1 

Westinghouse 

Farley 

2 

Areva 

Quad  Cities 

2 

Westinghouse 

Ginna 

1 

Areva 

Robinson 

1 

Westinghouse 

Hope  Creek 

1 

Areva 

Shearon  Harris 

1 

Westinghouse 

Indian  Point 

2 

Areva 

Surry 

2 

Westinghouse 

Palo  Verde 

3 

Areva 

Susquehanna 

2 

Westinghouse 

Point  Beach 

2 

Areva 

Three  Mile  Island 

1 

Westinghouse 

Prairie  Island 

2 

GNF 

Clinton 

1 

Westinghouse 

Salem 

2 

GNF 

Columbia 

1 

Westinghouse 

Seabrook 

1 

GNF 

Cooper 

1 

Westinghouse 

Sequoyah 

2 

GNF 

Duane  Arnold 

1 

Westinghouse 

South  Texas 

2 

GNF 

Fermi 

1 

Westinghouse 

St.  Lucie 

2 

GNF 

FitzPatrick 

1 

Westinghouse 

Summer 

1 

GNF 

Grand  Gulf 

1 

Westinghouse 

Turkey  Point 

2 

GNF 

Hatch 

2 

Westinghouse 

Vogtle 

2 

GNF 

LaSalle 

2 

Westinghouse 

Waterford 

1 

GNF 

Limerick 

2 

Westinghouse 

Watts  Bar 

1 

GNF 

Nine  Mile  Point 

2 

Westinghouse 

Wolf  Creek 

1 
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Largely  unknown:  Routing  of  fuel  shipments 

We  cannot  identify  appropriate,  approved  HAZMAT  routes  that  are  used  for  a  shipping  nu¬ 
clear  fuel,  except  in  a  few  states  that  publish  detailed  information.  Therefore,  for  simplicity 
and  consistency,  we  use  the  “Get  Directions”  feature  in  Google  Earth  to  produce  a  trans¬ 
portation  route  from  each  fuel  fabricator  to  each  of  its  assigned  “customers.”  Each  route 
is  based  on  fastest  travel  time,  so  this  places  shipments  mostly  on  high-capacity  highways 
and  interstate  freeways,  which  seems  to  be  realistic. 

To  demonstrate  “realistic,”  consider  the  Google  Earth  route  from  from  Areva  to  Arkansas 
Nuclear  One  as  it  passes  through  the  state  of  Colorado,  shown  by  a  heavy  dark  line  in  Fig¬ 
ure  A.l.  The  Colorado  Department  of  Public  Safety  publishes  a  map  of  roads  approved  for 
shipping  hazardous  materials,  and  the  roads  colored  green  in  Figure  A. 2  are  those  approved 
for  nuclear  materials  [34].  Note  that  the  Google  Earth  route  follows  the  Colorado-approved 
roads  fairly  closely,  with  the  only  difference  being  that  the  Google  Earth  route  avoids  Den¬ 
ver’s  city  center. 


Figure  A.l:  Google  Earth  routing  from  Areva  to  Arkansas  Nuclear  One  as  it  transits  Colorado, 
shown  as  a  heavy  black  line. 
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Figure  A. 2:  Colorado  hazardous  and  nuclear  materials  route  restrictions.  Approved  nuclear 
materials  routes  are  shown  in  green.  A  shipment  from  Areva  to  Arkansas  Nuclear  One  might 
take  the  route  that  is  highlighted  in  black  over  the  approved  nuclear  materials  routes  on  1-25 
and  1-70.  Along  with  Figure  A.l,  this  demonstrates  that  the  “fastest- path”  routing  from  Google 
gives  a  partial  route  that  is  plausible  given  FIAZMAT  road  restrictions.  After  [34]. 


Unknown:  Total  population  affected  by  a  worst-case  attack 

As  a  surrogate  for  worst-case  damage  that  could  be  incurred  along  a  link  in  a  subnetwork, 
we  have  proposed  “the  population  affected.”  Of  course,  exact  calculations  of  this  will 
depend  on  the  subnetwork,  the  material  being  shipped,  and  other  factors.  A  reasonable  ap¬ 
proximation  of  population  affected  at  a  point  location  would  be  the  population  in  a  circular 
region  of  given  area  centered  about  that  point.  Erkut  and  Verter  [14]  discuss  a  “danger 
circle”  as  a  simplification  of  a  PRA  approach  to  transportation  of  HAZMAT.  To  avoid 
complicated  geographical  calculations,  we  assume  that 

1 .  A  grid  is  laid  across  the  region  of  interest,  with  each  (roughly)  square  region  corre¬ 
sponding  to  a  quadrilateral  formed  by  the  cell’s  latitude  and  longitude,  and 

2.  Only  the  population  of  a  grid  square  would  be  affected  by  an  attack  in  that  square. 

Thus,  dk  for  link  k  may  be  computed  by  identifying  all  squares  that  intersect  the  corre¬ 
sponding  route  and  recording  the  maximum  population  among  those. 
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To  demonstrate,  we  use  the  populations  from  the  database  called  “Gridded  Population  of 
the  World,  Version  3  (GPWv3):  Population  Count  Grid”  [28].  This  database  provides 
populations  from  the  2000  U.S.  Census,  adjusted  to  match  U.N.  totals.  The  grid  resolution 
is  2.5  arc-minutes  per  square  or  “cell.”  The  population  is  corrected  as  a  function  of  area 
affected,  as  described  in  Section  5.1. 

Route  coordinates  are  computed  as  described  above  so  that  route-block  intersections  are 
straightforward  to  establish.  The  length  of  each  route,  used  elsewhere,  is  computed  during 
this  process,  also.  For  the  hypothetical  fresh-fuel  subnetwork,  Table  5.1  displays  the  ten 
routes  with  highest  potential  damage.  Chapter  5  also  describes  how  this  model  modifies  to 
handle  worst-case  attacks  that  would  release  material  over  a  larger  area  than  a  single  cell 
and  how  it  extends  to  hijacking  attacks. 


Data  for  other  subnetworks 

We  include  a  discussion  of  other  data  that  might  be  used  for  evaluating  adversarial  risks  in 
subnetworks  we  do  not  consider. 


Uranium  Enrichment 

Domestic  enrichment  of  uranium  occurs  at  two  sites:  United  States  Enrichment  Corpora¬ 
tion’s  gaseous  diffusion  plant,  in  Paducah,  Kentucky,  and  URENCO  USA’s  gas  centrifuge 
enrichment  plant  in  Eunice,  New  Mexico.  Enriched  uranium  hexafluoride  is  shipped  to 
each  of  the  three  fuel  fabrication  sites.  An  application  of  the  recontracting  model  of  Sec¬ 
tion  6.2,  while  initially  seeming  overly  simplistic  given  only  two  supply  nodes,  could  be 
more  significant  if  additional  uranium  enrichment  sites  are  built,  or  if  one  considers  the 
ports  of  entry  of  imported  enriched  uranium.  Simple  rerouting  using  the  “greedy  algo¬ 
rithm,”  as  shown  in  Section  6.3,  could  easily  be  applied  to  this  small  subnetwork.  The 
decoy  model  of  Chapter  7  could  be  employed  here,  if  a  correction  factor  were  applied  to 
the  damage  surrogate  that  accounts  for  the  change  in  anticipated  severity  of  an  attack  on  a 
uranium  hexafluoride  shipping  cask  when  compared  to  an  attack  on  a  fresh  fuel  assembly 
cask.  An  application  of  the  recontracting  model  would  require  building  additional  uranium 
enrichment  sites  or  considering  the  ports  of  entry  of  imported  enriched  uranium. 
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Mixed  Oxide  Fuel 

A  MOX  fuel  production  facility  is  under  construction  at  DoE’s  Savannah  River  Site,  in 
Aiken,  South  Carolina.  The  Tennessee  Valley  Authority  (TVA)  has  expressed  interest  in 
using  MOX  fuel.  TVA  operates  the  Browns  Ferry  Nuclear  Power  Plant  (three  reactors),  near 
Athens,  Alabama;  Sequoyah  Nuclear  Generating  Station  (two  reactors),  near  Soddy-Daisy, 
Tennessee;  and  Watts  Bar  Nuclear  Generating  Station,  near  Spring  City,  Tennessee.  Unless 
domestic  production  of  MOX  fuel  increases  to  multiple  sites,  the  recontracting  model  will 
not  apply.  Similar  to  the  uranium-enrichment  case,  simple  rerouting  could  be  employed,  as 
well  as  the  decoy  model,  provided  a  correction  factor  is  applied  to  the  damage  function. 

Spent  Fuel  to  Repository 

No  repository  exists  in  the  U.S.,  but  the  issues  surrounding  such  shipments  have  been  well 
studied  during  the  failed  attempt  to  create  a  repository  at  Yucca  Mountain,  Nevada;  for 
example,  see  Riddle  et  al.  [35].  Standard  rail  shipments  of  heavy  casks  would  probably 
apply  here  making  analysis  fairly  easy. 
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